Monthly News Roundup - May 2015 (TL;DR)

2015-06-09_Dark-ReadingNEWS

This month we learned that the high cost of hacks keeps getting higher. Also, the IRS announced that data thieves (and/or their black market customers) stole millions from the U.S. taxpayer. Oh, and yet another health insurer has had its customers’ data stolen. Surprise, surprise. All that and more as we take a look at the headlines from May 2015:

  • Cost of Data Breaches Reaches Record High: In 2015, the average per-record cost of a data breach hit an all-time high of $217. The record-setting price was announced in a new report from Ponemon Group, commissioned by IBM Security.
  • IRS Hit By Cyber Attack: The IRS has been bilked of $50 million. IRS Commissioner, John Koskinen, disclosed the massive theft, which relied on stolen personal information. According to reports, criminals used previously nabbed data to file false returns with the federal tax agency. In an ominous warning, the commissioner cautioned that the fraudsters might be holding on to some personally identifiable information to use it in the future.
  • Oil & Gas Firms Hit By Cyberattacks That Forgo Malware: Sometimes all it takes is some good, old-fashioned social engineering. According to reports, researchers at Panda Labs discovered an scam that collects login credentials via a phony PDF download. Using the information, this Nigerian-based scheme poses as a legitimate transportation firm and steals deposits from oil traders.
  • GPUs Can Be Hacked: Graphics cards can run malware. The first known rootkit to make this possible, dubbed Jellyfish, was created by professional developers for Linux systems as a proof of concept… a foreboding proof of concept. For a long time, speedy graphics units have been an appealing but unattainable option for hackers to avoid CPUs. In the current network security environment, this type of malware would be much harder to detect because there are no tools to analyze graphics cards for infection.
  • New Malware Enters the World Every 4 Seconds: A new report reveals that less than every four seconds, new malware types are discovered. Last year saw the introduction of 4.1 million new strains of malware. In a related re-tweet, we highlighted the fact that an average of 21.6 software vulnerabilities were discovered every day last year. With so much malware on the loose, and software security gaps in your apps, you can’t possibly patch them all, piecemeal. But with a browser in the cloud, you could keep all malware off your local browser and prevent countless attacks and breaches from harming your network.
  • CareFirst Discloses Data Breach: Health Insurance giant, CareFirst, reported a network breach that has compromised customer information. Up to 1.1 million customers could be affected by the hack that exposed names, email addresses and birthdays. Carefirst is the third major health insurance company to report a large-scale breach in 2015. Anthem and Premera disclosed data thefts earlier this year.